Cross site request forgery (commonly abbreviated as both “CSRF” and “XSRF”) is a common web vulnerability. CSRF occurs when attackers are able to transmit unauthorized or malicious requests to a website from a user that the website trusts. In some cases, CSRF attacks can force the user to perform state changing requests like transferring bank account funds, changing email addresses or passwords, and other unwanted modifications or transferences of data.